Claims:

The following listing of pending claims is for informational purposes. No claims have 
been amended, added or cancelled. 

1. (Previously Presented) A method for control and maintenance of an operational
organizational structure, involving cryptographic control and maintenance of entities within 
one or more business organizations, the method being automated using a computing device, 
the method comprising: 

associating cryptographic capabilities with electronic representations of entities within 
an organizational structure of the one or more business organizations; 

organizing entities within the organizational structure as roles through associating the 
electronic representations of entities with electronic representations of roles; and 

upon any addition, deletion or modification of an entity, a cryptographic capability, or 
any of their associations, maintaining roles within the organizational structure by adding, 
deleting or modifying electronic representations of the entities, cryptographic capabilities, 
roles, or any of their associations. 

2. (Original) A method as in claim 1, wherein the method involves at least a public 
key infrastructure operation. 

3. (Original) A method as in claim 1 wherein the control and maintenance further 
comprises: 

assigning elements in said organizational structure to roles within said organizational 
structure. 

4. (Original) A method as in claim 1 wherein the control and maintenance further 
comprises: 

assigning elements in said organizational structure to groups within said 
organizational structure. 



5. (Canceled)

6. (Original) A method as in claim 3 wherein at least some of said elements are
already grouped elements. 

7. (Previously Presented) A method as in claim 1 wherein said method involves 
access control technology. 

8. (Previously Presented) A method as in claim 1 wherein said method involves at 
least an access control operation. 

9. (Previously Presented) A method as in claim 1 wherein said method involves at 
least a data-base operation. 

10. (Previously Presented) A method as in claim 1 wherein said method involves at 
least one operation implemented in a hardware device. 

11. (Previously Presented) A method as in claim 1 wherein the operational 
organizational structure represents at least one commercial organization. 

12. (Previously Presented) A method as in claim 1 wherein the operational 
organizational structure represents at least two organizations, and wherein one of said 
organizations performs at least one function on behalf of another of said organizations. 

13. (Previously Presented) A method as in claim 1 wherein the method further 
comprises changing software whose authorization is checked.

14. (Previously Presented) A method as in claim 1 wherein the method further 
comprises changing hardware. 

15. (Previously Presented) A method as in claim 1 wherein the method further 
comprises moving hardware. 

16. (Previously Presented) A system for control and maintenance of an operational 
structure involving at least one cryptographic method, entities within a business organization, 
characteristics of said entities and relationships between said entities, wherein the system
comprises code executable by a computing device to: 

maintain electronic representations of capabilities of entities of a business 
organization; 

maintain electronic representations of functions of said entities; 

maintain electronic representations of characteristics of said entities; 

maintain electronic representations of relationships of said entities; and 

change the maintained electronic representations of said entities said characteristics 
and said relationships upon an addition, deletion, or modification of a characteristic or 
relationship of the entities. 

17. (Previously Presented) A system as in claim 16 where at least one of said entities 
is an individual in an organization. 

18. (Previously Presented) A system as in claim 16 where at least one of said entities 
is a group of individuals in an organization. 

19. (Original) A system as in claim 16 where at least one capability is a role in an 
organization. 

20. (Original) A system as in claim 16 where at least one capability is a task in an 
organization. 

21. (Original) A system as in claim 16 where at least one function is an operation by a 
functionary in an organization. 

22. (Original) A system as in claim 16 where at least one function is an operation by a 
group of functionaries in an organization. 

23. (Original) A system as in claim 16 where said entities in an organization are 
represented in a public key infrastructure directory.

24. (Original) A system as in claim 16 where at least one of said characteristics and
said relationships is represented in a directory. 

25. (Previously Presented) A system as in claim 16 where at least one of said 
characteristics, at least one of said relationships, or both is represented in a public key 
infrastructure directory. 

26. (Previously Presented) A system as in claim 16 where an operation of said system 
involves updating at least one directory. 

27. (Previously Presented) A system as in claim 16 where an operation of said system 
involves updating at least one public key infrastructure directory. 

28. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change information processing control structure. 

29. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change cryptographic certification information within 
the public-key infrastructure directories. 

30. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change databases. 

31. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change cryptographic certification information within 
the public-key infrastructure directories and further database changes. 

32. (Original) A system as in claim 16 where said entities, said characteristics and 
said relationships are maintained by combining databases components and components of 
certification authorities of a public key infrastructure. 

33. (Original) A system as in claim 16 where said entities are represented in one 
directory and said characteristics and said relationships are represented in a second directory. 






FRANKEL ET AL. - 09/503,181 
Client/Matter: 061047-0265650 

34. (Previously Presented) A system as in claim 16 where said entities are 
represented in at least a first directory and said characteristics and said relationships are 
represented in at least a second directory. 

35. (Original) A system as in claim 16 comprising observers, where said entities said 
characteristics and said relationships are partially visible to various observers. 

36. (Previously Presented) A system as in claim 16 where an operation of said system 
comprises cryptographic key management operations. 

37. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated by at least one designated entity amongst said entities. 

38. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated based on agreed upon rules. 

39. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated based on authorizations. 

40. (Previously Presented) A system as in claim 16 where an operation of said system 
comprises database maintenance operations involving said entities said characteristics and 
said relationships. 

41. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules. 

42. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules based on access structure. 

43. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules based on cryptographic capability.

44. (Original) A system as in claim 16 where said characteristics and said
relationships define authorization rules based on shared cryptographic capability. 

45. (Original) A system as in claim 16 with the additional operations of logging said 
system's operations. 

46. (Original) A system as in claim 16 with the additional operations of logging said 
system's operations, where said logging is performed in various locations in said system. 

47. (Original) A system as in claim 16 with the additional operations of monitoring 
operations within said system. 

48. (Original) A system as in claim 16 with the additional operations of time-stamping 
operations within said system. 

49. (Original) A system as in claim 16 where at least one of said system's operations 
is performed distributedly via communication. 

50. (Original) A system as in claim 16 where at least one of said system's operations 
is a distributed database operation. 

51. (Original) A system as in claim 16 where at least one of said system's operations 
involves physical handling of devices to one of said entities. 

52. (Previously Presented) A database system embodied in a tangible medium 
representing a business organization involving directories representing entities within said 
business organization, their characteristics, roles, and relationships together with their 
associations with cryptographic capabilities, the database system comprising the following 
transactional components: 

connection to cryptographic authorities representing the cryptographic capabilities 
associated with said entities, said characteristics and said relationships; 

a maintenance system embodied in a tangible medium by which said database and 
said cryptographic authorities are maintained in coordination and by authorized parties 
assuring the representation of said organization and said cryptographic capabilities are
soundly associated as defined by coordination directives; and 

maintenance transactions acting within said maintenance system, maintaining a view 
representing said organization. 

53. (Original) A system as in claim 52 wherein said organization comprises a plurality 
of entities. 

54. (Original) A system as in claim 52 wherein said cryptographic authorities is a 
plurality of at least one certification authorities. 

56. (Original) A system as in claim 52 wherein said cryptographic authorities is a 
plurality of authorities organized hierarchically. 

57. (Original) A system as in claim 52 wherein said authorized parties are maintained 
by another instantiation of the system. 

58. (Previously Presented) A system as in claim 52 wherein said authorized parties are 
assigned by management of said organization. 

59. (Previously Presented) A system as in claim 52 wherein said coordinating 
directives involve cryptographic fields assuring integrity of the operation.

60. (Original) A system as in claim 52 wherein said maintaining view representing an 
organization may present different characteristics and components to different outside 
reviewers. 

61. (Original) A system as in claim 52 wherein said cryptographic capabilities involve 
digital certificates. 

62. (Previously Presented) A system as in claim 52 wherein said organization 
comprises various organizational units.

63. (Previously Presented) A system as in claim 52 wherein said organization
comprises various organizational units where entities are defined in one unit and their roles 
are defined within a second unit. 

64. (Previously Presented) A method as in claim 1 where a plurality of entities are 
electronically visible to one part of the organization, a first set of outside viewers, or both, 
and roles or characteristics thereof are electronically visible to another part of the 
organization, a second set of outside viewers, or both. 

65. (Previously Presented) A method as in claim 1 where maintaining of roles within 
the organizational structure is protected and can be performed only by an authorized party 
inside or outside the organization. 

66. (Previously Presented) A system as in claim 16 where a plurality of entities are 
electronically visible to one part of the organization, a first set of outside viewers, or both, 
and roles or characteristics thereof are electronically visible to another part of the 
organization, a second set of outside viewers, or both. 

67. (Previously Presented) A system as in claim 16 where change to the maintained 
electronic representations of said entities said characteristics or said relationships is protected 
and can be performed only by an authorized party inside or outside the organization. 



